1. Overview Internet Society is seeking a Data Governance Policy Writer to develop key data governance policies and associated Standard Operating Procedures (SOPs) in alignment with ISO 27001 standards. These policies will establish clear guidelines for data ownership, classification, and access control, ensuring compliance with best practices for information security and governance. 2. Scope of Work The consultant will be responsible for drafting and finalizing the following policies and their corresponding SOPs: a. Ownership and Stewardship Policy i. Defines the roles and responsibilities for data owners and stewards. ii. Establishes accountability for data quality, and lifecycle management. iii. SOP: Step-by-step guidelines for staff on how to assign, track, and fulfill data ownership responsibilities. b. Classification Policy i. Establishes a structured framework for categorizing data based on sensitivity, criticality, and regulatory requirements. ii. Defines labeling, handling, and retention requirements. iii. SOP: Instructions for staff on how to classify, store, and manage data according to policy guidelines. c. Access and Usage Policy i. Sets criteria for granting, reviewing, and revoking data access. ii. Defines user roles, responsibilities, and permitted usage in compliance with ISO 27001. iii. SOP: Clear procedures for staff on how to request, review, and manage access permissions in alignment with security protocols. For each policy, the consultant will: Research and incorporate ISO 27001 best practices. Draft policies and ensure alignment with existing governance frameworks. Develop corresponding SOPs that provide clear, actionable steps for staff to function within the policy. Revise and finalize documents based on stakeholder feedback. 3. Deliverables Draft versions of each policy and SOP for review. Finalize policies and SOPs incorporating stakeholder input. Implementation guidelines to assist in operationalizing the policies 4. Timeline Project Start Date: TBD First Draft Submission: 3 Weeks Final Deliverables: 2 weeks after draft 5. Required Skills and Experience Proven experience in data governance, policy writing, and compliance. Strong understanding of ISO 27001 and information security principles. Ability to create clear, actionable, and organization-specific policies. 6. Reporting and Communication The consultant will provide at least weekly status updates and coordinate with Morgan Steinlin for feedback and revisions.
Keyword: Technical Writing
Writing Policy Writing English ISO 27001 Compliance
We are seeking a highly skilled and experienced technical writer with a strong background in aerospace or piloting for a company that designs and manufactures drones. Responsibilities: -Develop clear, concise, and accurate technical documentation. -Research and gather i...
View JobI am seeking a Senior Level Software Engineer who can help polish and enhance my resume to make it suitable for FAANG SDE positions. The ideal candidate will have experience in crafting resumes that highlight technical skills and achievements in a compelling way. You sh...
View JobWe're seeking an experienced legal writer with expertise in mass tort litigation to create professional white papers on our behalf. The ideal candidate will have strong legal knowledge combined with the ability to produce authoritative, well-researched white papers that...
View Job